Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

RSA Improves Identity Assurance With SecurID Access Update

On the first day of its security conference, RSA announces a big update for the SecurID platform, providing more access options and security analytics to help organizations keep identities and access secure.

RSA, a Dell Technologies business, has for well over a decade provided its customers with a hardware-based two-factor authentication technology known as SecurID. RSA is no longer limiting SecurID to just hardware, and at its RSA Conference 2017 event that kicks off today in San Francisco, the company is announcing new capabilities for its expanded RSA SecurID Access product portfolio. "We're evolving SecurID Access to go beyond just the hardware tokens with a number of frictionless capabilities to help people prove they are who they say they are," Jim Ducharme, vice president of Engineering and Product Management at RSA, told eWEEK

Among the expanded identity assurance capabilities in the SecurID Access portfolio are cloud and mobile options, as well as advanced risk-based analytics.

The mobile multifactor authentication application that is part of the expanded SecurID Access portfolio provides new authentication options, including biometrics. Additionally, Ducharme noted that RSA has added context-based risk analytics to the mobile authentication technology.

"We now have context-based awareness for things like known location and known device for users; as well, we are making use of a behavioral engine," he said. "We have leveraged technology that we have been working on for years as part of our adaptive authentication products that have been typically used to protect online transactions against fraud."

Further reading

RSA has other security analytics technology in its portfolio, including the NetWitness offering that has the goal of using analytics to help identify potential attacks and improve security. Ducharme explained that SecurID makes use of risk-based analytics to provide a higher degree of user authentication integrity.

RSA Via Access

The new RSA SecurID Access portfolio being announced at the 2017 RSA Conference isn't the first time the company has used its big event to announce new authentication technology. At the 2015 RSA Conference, RSA announced an identity authentication platform called Via, which included access, governance and lifecycle components. As it turns out, the Via portfolio no longer exists and instead has been integrated into the new SecurID Access offerings.

"Via Access is no more," Ducharme said.

Ducharme explained that when Via Access was announced in 2015, RSA's intent was to provide new authentication capabilities for the modern enterprise. Unfortunately, the Via product was thought to be a replacement for SecurID, but Ducharme said it was not intended to replace SecurID, but rather to be a complementary technology.

"So we combined the Via Access and SecurID portfolio together into what is now called RSA SecurID Access," he said.

Cloud

Among the enhanced capabilities in the new RSA SecurID Access portfolio is the ability to deploy identity assurance features in the cloud.

"SecurID now can not only be deployed in the cloud, but it can also protect applications that are deployed in the cloud as well," Ducharme said.

The idea of securing access to cloud applications is one in which Cloud Access Security Broker (CASB) technologies often come into play. Ducharme explained that RSA SecurID Access includes a reverse proxy, providing an identity control point for the cloud. He added that RSA's goal is help provide identity assurance on a continuous basis.

From a compliance perspective, RSA has an integration between SecurID Access and the RSA Archer GRC (Governance, Risk and Compliance) platform. Ducharme said that RSA Archer has an identity risk dashboard that can be populated with data from SecurID Access to help quantify and articulate the risk and the controls in place, to help customers manage their identity risk.

"We believe that identity is the most consequential attack vector now for the enterprise," he said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.